Monday, October 4, 2010

Step by Step Installation and Configuration Monit monitoring Server


What is Monit ?
Monit is a utility for managing and monitoring, processes, files, directories and devices on a UNIX system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.

Download monit

http://mmonit.com/monit/download/

Monit Features
* Daemon mode – poll programs at a specified interval
* Monitoring modes – active, passive or manual
* Start, stop and restart of programs
* Group and manage groups of programs
* Process dependency definition
* Logging to syslog or own logfile
* Configuration – comprehensive controlfile
* Runtime and tcp/IP port checking (tcp and udp)
* SSL support for port checking
* Unix domain socket checking
* Process status and process timeout
* Process cpu usage
* Process memory usage
* Process zombie check
* Check the systems load average
* Check a file or directory timestamp
* Alert, stop or restart a process based on its characteristics
* MD5 checksum for programs started and stopped by monit
* Alert notification for program timeout, restart, checksum, stop resource and timestamp error
* Flexible and customizable email alert messages
* Protocol verification. HTTP, FTP, SMTP, POP, IMAP, NNTP, SSH, DWP,LDAPv2 and LDAPv3
* An http interface with optional SSL support to make monit accessible from a webbrowser



Installing Monit:
$  tar zxvf monit-x.y.z.tar.gz (were x.y.z denotes version numbers)
 $  cd monit-x.y.z
 $  ./configure (use ./configure --help to view available options)
 $  make && make install

Configuring monit to /etc/monitrc as follow

monit configuration file is located at /etc/monit/monitrc.If you want to see the default configuration file click here

By default all the lines in configuration file is commented out you can uncomment the lines which ever you want to monitor

Here we are going to see the some example configuration file

set daemon 120
# poll at 2-minute intervals. Monit will wakeup every two minute to
# monitor things. Time must be given in seconds.

set logfile syslog facility log_daemon
# Set syslog logging.

# Set a default mail from-address for all alert messages emitted by monit.
# All alert mail will be sent to below mail address.
set mail-format { from: webmaster@debianhelp.co.uk }
set alert root@domain.com

# You can define your mail-notification format. Do man monit
mail-format {
from: webmaster@debianhelp.co.uk
subject: $SERVICE $EVENT at $DATE
message: Monit $ACTION $SERVICE at $DATE on $HOST,

Yours sincerely,
Debianhelp
}

# Make monit start its web-server. So you can access it from web browser.
set httpd port 2812 and
use address domain.com

##Monit web-server ACL.
allow localhost # allow localhost to connect to the server and
allow 172.19.1.2 # allow 172.19.1.2 to connect to the server,
# You can give only one per entry

allow admin:monit # user name and password for authentication.

allow debianhelp:debianhelp # set multiple user to access through browser.

# Monitoring the apache2 web services.
# It will check process apache2 with given pid file.
# If process name or pidfile path is wrong then monit will
# give the error of failed. tough apache2 is running.
check process apache2 with pidfile /var/run/apache2.pid

#Below is actions taken by monit when service got stuck.
start program = "/etc/init.d/apache2 start"
stop program= "/etc/init.d/apache2 stop"
# Admin will notify by mail if below of the condition satisfied.
if cpu is greater than 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then restart
if totalmem > 200.0 MB for 5 cycles then restart
if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if 3 restarts within 5 cycles then timeout
group server

#Monitoring slapd process.

check process slapd with pidfile /var/ldap/var/run/slapd.pid
start program = "/etc/init.d/slapd start"
stop program= "/etc/init.d/slapd stop"
if failed port 389 then restart
if 2 restarts within 3 cycles then timeout
group server

# monit will only monit/give alert in this mode.
mode passive

# Check Database file, size,permission etc...
check file slapd-database with path /var/ldap/var/openldap-data/mydata.db
if failed permission 700 then alert
if failed uid data then alert
if failed gid data then alert
if timestamp > 15 minutes then alert
if size > 100 MB then alert

#Check directory for permission.
check directory bin with path /bin
if failed permission 755 then unmonitor
if failed uid 0 then unmonitor
if failed gid 0 then unmonitor

#Check host for which services up/down on particular port.
check host domain.com with address 192.168.1.1
if failed icmp type echo with timeout 4 seconds then alert
if failed port 21 then alert
if failed port 22 type tcp 22 with timeout 40 seconds then aler
if failed port 80 protocol http then alert
if failed port 389 type tcp with timeout 15 seconds then alert

#check directory bin with path /bin
if failed permission 755 then unmonitor
if failed uid 0 then unmonitor
if failed gid 0 then unmonitor

After modifying the configuration file you should check for the syntax to make sure they are correct. To do this run:

TO check correct syntec of monit configuration file used # monit -t



Now you can run monit directly:# monit

Monitoring Monit Through Web interface

Monit Web interface will run on the port number 2812.If you have any firewall in your network setup you need to enable this port.

Now point your browser to http://localhost:2812/ (make sure port 2812 isn't blocked by your firewall), log in with admin and test, and you should see the monit web interface

 

1 comment: